Target CIO Resigns, Highlights Growing Cyber Paranoia
Target's chief information officer Beth Jacob resigned Wednesday as the major retailer attempts to recover from one of the largest credit card heists ever pulled.
The loss of the highest-ranking tech executive for the major retailer comes one week after one week after financial disclosures revealed the security breach had badly hurt profits.
"While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly," Chief Executive Gregg Steinhafel said in a statement. "To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target."
News leaked out in December that Target had been the subject of an elaborate digital robbery -- one so large that it affected 110 million customers. The wave of digitally-induced paranoia that followed brought cybercrimes to the forefront, and the result has been the U.S. government's increased involvement in cybersecurity.
One of the issues most alarming about the Target heist was the high viscosity of information flow to the public about the security breach from companies affected.
"Businesses should be required to provide prompt notice to consumers in the wake of a breach. American consumers should know when they are at risk of identify theft or other harms because of a data security breach," Acting Assistant Attorney General Mythili Raman told a Senate Judiciary Committee hearing last month.
"Never has the need for legislation been greater," Federal Trade Commission Commissioner Edith Ramirez said. "With reports of data breaches on the rise, and with a significant number of Americans suffering from identity theft, Congress needs to act. "
The White House recently released a comprehensive guideline for big firms concerning cybersecurity procedures in a 39-page plan titled "Framework for Improving Critical Infrastructure Cybersecurity." While it is not required to follow, the Obama administration has expressed its desire to have big firms follow the road map provided by the Cybersecurity Framework so that information about any threats can be communicated in a speedier, more articulate, and more transparent manner.
"There's a lot going on in this industry that impedes the flow of information," Brian Krebs said in New York Times article last month. Krebs is a security intelligence analyst and former Washington Post reporter who was the first to discover the Target credit card breach.
Still, despite the increased momentum behind cybersecurity, firms such as Target are despondent. Cybercrimes, they say, will continue to haunt them.
"The unfortunate reality is that we suffered a breach, and all businesses -- and their customers -- are facing increasingly sophisticated threats from cyber criminals," Target chief financial officer John J. Mulligan said during a February Senate hearing. "In fact, recent news reports have indicated that several other companies have been subjected to similar attacks."
It was at the same hearing that Neiman Marcus senior vice president Michael Kingston also acknowledged that the retailer's security software was so useless. Cyberattacks on Neiman Marcus that took place between July and October were not discovered until January, highlighting a new kind of arms race.